Apache Tomcat - Account Scanner / 'PUT' Request Command Execution

EDB-ID:

18619

CVE:

N/A


Author:

kingcope

Type:

remote


Platform:

Multiple

Date:

2012-03-19


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

ISOWAREZ RELEASE
By KINGCOPE - YEAR 2012

-== Apache Tomcat Remote Exploit and Account Scanner ==-

the modified pnscan scanner utility scans a range of IPs to find open
apache tomcat servers
by trying the following login access combinations:

tomcat:tomcat
password:password
admin:admin
admin:password
admin:<nopassword>
tomcat:<nopassword>

the included perl script can be used to unlock apache tomcat servers
remotely by using the collected login combinations.
it will retrieve either a root or SYSTEM reverse shell depending on
the operating system
or the equivalent of a reverse shell as the current user tomcat is running as.
the exploit might contain metasploit logic (thanks to jduck).

Enjoy :>

/Kingcope

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18619.zip (tomcat-remote.zip)